22 December 2024 Sunday
Personal Data Protection Authority, which is a public legal entity and has administrative and financial autonomy, has been established to carry out duties conferred on it under the Law No. 6698.
Please click the link to get more detail https://kvkk.gov.tr/en/
lEGıslatıons
AYDIN COMMODITY EXCHANGE personal data is processed in accordance with the procedures and principles stipulated in the Personal Data Protection Law and other laws.
Personal data cannot be processed without the explicit consent of the relevant person.
According to the Personal Data Protection Law, individuals' race, ethnic origin, political opinion, philosophical belief, religion, sect or other beliefs, appearance and dress, association, foundation or union membership, health, sexual life, criminal conviction and security measures, biometric data and genetic data are special personal data.
It is forbidden to process special personal data at AYDIN COMMODITY EXCHANGE without the express consent of the person concerned.
Special quality personal data are processed by taking the measures determined by the Personal Data Protection Board.
Data Category |
Description |
Identity |
Information such as Name-Surname, Parent's Name, Date of Birth, Place of Birth, Marital Status, Population Information, TR Identity Number, Passport. |
Contact |
Information such as Address, E-Mail Address, Contact Address, Registered Electronic Mail Address (KEP), Telephone Number, Fax |
Briefness |
Payroll Information, Disciplinary Information, Employment and Exit Records, CV Information, Annual Leave, |
Act in Law |
Correspondence with Judicial Authorities, Case Files |
Process Security |
IP Address |
Clients/Supplier Facts |
Invoice, Delivery Note, Check and Promissory Note Information, Bank Receipts, Credit Card Information |
Local Security |
Employee Entry and Exit Records, Camera Records |
Finance |
Bank Info |
Jop Experience |
Diploma Information, Courses Attended, Vocational Training Information, Certificates, |
Audio Visual Documents |
Photos |
Health Info (qualified person) |
Blood Type, Health Reports, Disability Information |
Servitude |
Criminal Record, Enforcement Case Information |
|
Relevant Persons may apply to AYDIN COMMODITY EXCHANGE to:
In accordance with the 1st paragraph of Article 13 of the Personal Data Protection Law, Relevant Persons may submit their requests to exercise their above-mentioned rights to AYDIN COMMODITY EXCHANGE in writing or with an electronic signature via KEP.
To exercise the above-mentioned rights, they must provide the necessary identifying information and explanations. The request containing the Personal Data Application Form can be submitted by filling out the Personal Data Application Form and with a signed copy of the form to the address AYDIN COMMODITY EXCHANGE Ata Mahallesi 738 st. 2 AYDIN with identifying documents in person, through a notary or with a secure electronic signature to aydinticaretborsasi@hs01.kep.tr.
AYDIN COMMODITY EXCHANGE;
The personal data is In case it is committed by another real or legal person on its behalf, it takes the necessary measures together with these persons, ensures their implementation and supervises it. Inspections regarding whether the provisions of the law are implemented are carried out annually, and in case of non-compliances are detected, it carries out the necessary correction activities. Regarding audits, if necessary, outsourcing services are carried out. Data processed within the scope of AYDIN COMMODITY EXCHANGE activities cannot be disclosed to anyone else by data processors contrary to the provisions of the Law and cannot be used for purposes other than processing. This obligation continues even after the data processors leave their positions.
If the processed personal data is obtained by others through illegal means, AYDIN COMMERCE EXCHANGE shall notify the relevant person and the Board of this situation as soon as possible. If necessary, the Board may announce this situation on its own website or through another method it deems appropriate.
In order to ensure Data Security; Personal data inventory and applied protection methods are determined on an operational basis. In order to determine and evaluate Protection Methods, Risk and Threat Identification studies are carried out and methods are developed to eliminate vulnerabilities, if any. Personal Data Inventory, Applied Protection Methods and the status of Risks and Threats are reviewed and revised through annual audits and evaluations. In addition, if there is a situation that may affect information security, these audits are carried out without waiting for the completion of the annual period and precautions are taken.
The following administrative measures are implemented to protect Personal Data.
No |
Description |
1 |
There are disciplinary regulations that include data security provisions for employees. |
2 |
Training and awareness studies on data security are carried out for employees at regular intervals. |
3 |
An authorization matrix has been created for employees. |
4 |
Corporate policies on access, information security, use, storage and destruction have been prepared and started to be implemented. |
5 |
Confidentiality commitments are made. |
6 |
The signed contracts include data security provisions. |
7 |
Extra security measures are taken for personal data transferred via paper and the relevant documents are sent in confidential document format. |
8 |
Personal data security policies and procedures have been determined. |
9 |
Personal data security problems are reported quickly . |
10 |
Personal data security is monitored. |
11 |
Necessary security measures are taken regarding entry and exit to physical environments containing personal data. |
12 |
The security of physical environments containing personal data is ensured against external risks (fire, flood, etc.). |
13 |
The security of environments containing personal data is ensured. |
14 |
Personal data is reduced as much as possible |
15 |
Periodic and/or random audits are carried out within the institution. |
16 |
Current risks and threats have been identified. |
17 |
Protocols and procedures for the security of special personal data have been determined and implemented. |
18 |
Data Processing service providers are audited at regular intervals regarding data security. |
19 |
Data processing service providers are made aware of data security. |
The following technical measures are implemented to protect Personal Data.
NO |
Description |
1 |
Network security and application security are ensured. |
2 |
A closed system network is used for personal data transfers through the network. |
3 |
Security measures within the scope of supply, development and maintenance of information technology systems are taken. |
4 |
Access logs are kept regularly. |
5 |
Data masking measures are applied when necessary. |
6 |
There is a change of duty. or the authorizations of employees who leave their jobs in this area are removed. |
7 |
Up-to-date anti-virus systems are used. |
8 |
Firewalls are used. |
9 |
Personal data is backed up and the security of the backed-up personal data is ensured. |
10 |
User account management and authorization control system is implemented and these are also monitored. |
11 |
Log records are kept without user intervention. |
12 |
If special personal data is to be sent via e-mail, it must be sent encrypted and using KEP or corporate mail account. |
13 |
Secure encryption / cryptographic keys are used for special personal data and are managed by different units. |
14 |
Encryption is carried out. |
15 |
Special qualified persons' data transferred on portable memory, CD, DVD media are encrypted. |
This Policy aims to process and protect the personal data of our members, employees, prospective employees, visitors, employees of companies and institutions we cooperate with, our suppliers, employees of other institutions with whom we carry out joint activities, and third parties, in accordance with the law.
The scope covers activities related to the protection, processing, transfer and destruction of personal data of members, employees, employee candidates, visitors, suppliers, employees of companies and institutions with which we cooperate, employees of other institutions with which we carry out joint activities, and third parties.
AYDIN COMMODITY EXCHANGE; Personal data is processed in accordance with the procedures and principles stipulated in the Personal Data Protection Law and other laws.
In the processing of personal data, care is taken to comply with the following principles:
AYDIN COMMODITY EXCHANGE, personal data cannot be processed without the explicit consent of the relevant person.
Only if one of the following conditions is present, it is possible to process personal data without the explicit consent of the relevant person within the scope of Personal Data Protection
According to the Personal Data Protection Law, individuals' race, ethnic origin, political opinion, philosophical belief, religion, sect or other beliefs, appearance and dress, association, foundation or union membership, health, sexual life, criminal conviction and security measures and biometric data. and genetic data are special personal data.
AYDIN COMMODITY EXCHANGE maintains the personal data processed within the framework of its activities for the period stipulated in the relevant legislation. In this context, personal data;
Click to Download Personal Data Information Form.