Employee Disclosure Text
PURPOSE AND LEGAL BASIS
This document has been prepared in accordance with the relevant Law, Regulation, and Communiqués for the purpose of fulfilling the obligation to inform data subjects during the collection of personal data by the data controller or authorized persons, in line with Article 10 of the "Personal Data Protection Law" and in compliance with the "Communiqué on the Procedures and Principles to Be Followed in the Fulfillment of the Obligation to Inform."
DEFINITIONS
Data Subject: The natural person whose personal data is processed. Data Controller: The natural or legal person who determines the purposes and means of processing personal data and is responsible for the establishment and management of the data recording system.
The definitions in the Law, Regulation, and Communiqués apply to terms not defined in this document.
SCOPE
This document applies to our Employees whose personal data is processed in accordance with the relevant Laws, Regulations, and the activities we conduct.
PRINCIPLES
The following principles are followed in the processing of personal data:
- Personal data is processed in accordance with the law and good faith.
- Personal data is processed accurately and updated when necessary.
- Personal data is processed for specific, clear, and legitimate purposes.
- Personal data is processed in a manner that is relevant, limited, and proportional to the purposes for which it is processed.
- Personal data is retained for the period required by the relevant legislation or the purposes for which it is processed.
data controller
|
TITLE |
AYDIN TİCARET BORSASI |
|
ADDRESS |
Ata Mahallesi 738 sk. No:2 Efeler/AYDIN |
|
PHONE |
+90 256 211 50 00 - +90 256 211 61 45/46/47 |
|
FAX |
+90 256 211 63 15 |
|
KEP |
PERSONAL DATA PROCESSED FOR MEMBERS
EMPLOYEE PERSONAL DATA PROCESSED
| Data Category | Personal Data | Retention and Disposal Period |
|---|---|---|
| Identity | Name-Surname | 10 years from the date of termination |
| ID Number | 10 years from the date of termination | |
| Population Register Details | 10 years from the date of termination | |
| Passport Information | 10 years from the date of termination | |
| Personnel | CV | 10 years from the date of termination |
| Criminal Record | 10 years from the date of termination | |
| Annual Leave | 10 years from the date of termination | |
| Payroll Information | 10 years from the date of termination | |
| Disciplinary Records | 10 years from the date of termination | |
| Contact | Phone Number | 10 years from the date of termination |
| 10 years from the date of termination | ||
| Fax | 10 years from the date of termination | |
| Address | 10 years from the date of termination | |
| Professional | Education Information | 10 years from the date of termination |
| Diploma Information | 10 years from the date of termination | |
| Health | Health Information | 15 years from the date of termination |
| Legal Process | Case File Information | 15 years from the date of termination |
| Visual and Audio | Photograph | 10 years from the date of termination |
| Transaction Security | IP Address | 1 year |
| Physical Security | Camera Records | 15 days |
PURPOSE OF PROCESSING EMPLOYEE PERSONAL DATA
Employee personal data is processed for the following purposes:
- Conducting Emergency Management Processes
- Conducting Information Security Processes
- Fulfilling Obligations Stemming from Employment Contract and Legislation for Employees
- Managing Employee Benefits and Entitlement Processes
- Conducting Audit/Ethics Activities
- Conducting Training Activities
- Managing Access Authorities
- Ensuring Compliance with Legislation
- Conducting Finance and Accounting Affairs
- Ensuring Physical Security
- Managing Assignment Processes
- Following and Managing Legal Affairs
- Conducting Communication Activities
- Conducting Business Activities / Supervision
- Conducting Occupational Health and Safety Activities
- Receiving and Evaluating Suggestions for Improving Business Processes
- Ensuring Business Continuity
- Organizing and Managing Events
- Managing Performance Evaluation Processes
- Managing Risk Processes
- Managing Contract Processes
- Conducting Strategic Planning Activities
- Following up Requests / Complaints
- Managing Wage Policy
- Conducting Talent/Career Development Activities
- Providing Information to Authorized Persons, Institutions, and Organizations
- Other (Reporting of Organizational Activities)
TRANSFER OF PERSONAL DATA
According to Article 8 of the "Personal Data Protection Law," your personal data cannot be transferred to third parties without the explicit consent of the data subject.
Personal data may be transferred to third parties without the explicit consent of the data subject in cases where the personal data can be processed without the data subject's explicit consent, as stipulated by law. Likewise, with sufficient precautions, personal data other than health and sexual life-related sensitive personal data may be transferred without the explicit consent of the data subject under the conditions provided by law. Personal data related to health and sexual life, however, may only be transferred without the explicit consent of the data subject by persons or authorized institutions and organizations under the obligation of confidentiality for purposes such as the protection of public health, preventive medicine, medical diagnosis, treatment, and the management of healthcare services and their financing.
Provisions in other laws regarding the transfer of personal data remain unaffected.
Your personal data may be transferred for the fulfillment of the purposes defined under the heading "Purposes of Processing Employee Personal Data" to:
- Public institutions or organizations permitted by the "Labor Law," "Occupational Health and Safety Law," "Social Security Law," "Union of Chambers and Commodity Exchanges of Turkey and Chambers and Commodity Exchanges Law," "Civil Servants Law," "Law on the Regulation of Publications on the Internet and Combating Crimes Committed Through These Publications," the "Personal Data Protection Law," and other relevant legislation;
- Public institutions such as the Personal Data Protection Authority, Ministry of Treasury and Finance, Ministry of Trade, Ministry of Family, Labor, and Social Services, Information and Communication Technologies Authority;
- The Union of Chambers and Commodity Exchanges of Turkey, other chambers and exchanges affiliated with the Union, our subsidiaries, and/or domestic/foreign direct or indirect affiliates;
- Domestic and foreign organizations and suppliers with whom we cooperate or receive services from for the execution of our activities as the Aydın Commodity Exchange, which are jointly and severally responsible for taking security measures such as ensuring the preservation of all kinds of personal data, preventing unauthorized access, and preventing unlawful processing;
- Within the conditions and purposes for processing personal data outlined in Articles 8 and 9 of the "Personal Data Protection Law."
METHOD OF COLLECTING PERSONAL DATA AND LEGAL BASIS
Personal data is collected in order to conduct the activities defined under the heading "Purposes of Processing Employee Personal Data," based on:
- Labor Law
- Occupational Health and Safety Law
- Social Security Law
- Union of Chambers and Commodity Exchanges of Turkey and Chambers and Commodity Exchanges Law
- Civil Servants Law
- Law on the Regulation of Publications on the Internet and Combating Crimes Committed Through These Publications
- Personal Data Protection Law
- Other relevant legislation
The data is collected verbally, in writing, or electronically during the employment process and throughout the continuation of the employment contract.
RIGHTS OF DATA SUBJECTS REGARDING THEIR PERSONAL DATA
By applying to our institution, our employees have the right to:
- Learn whether personal data is being processed,
- Request information if their data has been processed,
- Learn the purpose of the data processing and whether it is being used in accordance with that purpose,
- Learn the third parties to whom personal data is transferred domestically or abroad,
- Request correction of incomplete or inaccurate data,
- Request deletion or destruction of personal data under the conditions stipulated in Article 7 of the "Personal Data Protection Law,"
- Request notification of the third parties to whom the personal data has been transferred regarding the actions taken under paragraphs (e) and (f),
- Object to any results that arise to the detriment of the data subject due to the analysis of the processed data exclusively through automated systems,
- Demand compensation for damages incurred due to unlawful processing of personal data.
Pursuant to Article 13(1) of the "Personal Data Protection Law," you can submit your request to exercise your rights by sending a written application or an electronically signed application via KEP to our institution.
To exercise your rights mentioned above, you can fill out the "Personal Data Application Form" and send a signed copy of the form to AYDIN COMMODITY EXCHANGE Ata Mahallesi Denizli Bulvarı No:18 AYDIN by hand with identity documents, send it via notary, or send the form electronically signed to the registered email address aydinticaretborsasi@hs01.kep.tr.
RELEVANT DOCUMENTS
- Personal Data Protection Law
- Labor Law
- Occupational Health and Safety Law
- Social Security Law
- Union of Chambers and Commodity Exchanges of Turkey and Chambers and Commodity Exchanges Law
- Civil Servants Law
- Law on the Regulation of Publications on the Internet and Combating Crimes Committed Through These Publications
- Communiqué on the Procedures and Principles to Be Followed in the Fulfillment of the Obligation to Inform
- Personal Data Application Form (FRM.131)
