INTERFLEX Plastic Insulation Industry Trade Limited Company Privacy Notice
As INTERFLEX Plastic Insulation Industry Trade Limited Company, we take utmost care in protecting and securing your personal data. In this context, in accordance with Law No. 6698 on the Protection of Personal Data ("the Law") and related legislation, which aims to protect the fundamental rights and freedoms of individuals, primarily the privacy of private life, we, as the Data Controller, wish to inform and enlighten you in the most transparent way regarding the methods of collecting your personal data, the purposes of processing, the legal grounds for processing, and your rights.
• Identity and address information of the Data Controller and, if applicable, its representative; The legal entity that will register with the VERBİS system in accordance with the obligations imposed by Law No. 6698 is INTERFLEX Plastic Insulation Industry Trade Limited Company. The company, registered with the Kahramankazan tax office under tax identification number 465 107 04 32, operates at the address Dağyaka Mahallesi 2030. Cad. No:20 Kahramankazan Ankara.
• The purposes for which personal data will be processed; Personal data held by INTERFLEX Plastic Insulation Industry Trade Limited Company will be processed in accordance with the law that mandates the processing of personal data, in order to avoid violating the right to privacy, protect the fundamental rights and freedoms of individuals, and act in accordance with our company's policies. Personal information obtained from employees due to legal obligations such as company procedures, Social Security Legislation, and Labor Legislation will be recorded in the personal data registry. Data obtained by the company regarding material procurement, service procurement such as IT, accounting, and legal services, and commercial activities such as buying and selling will be recorded in the personal data registry. At the same time, recordings from video recording devices located within the company's production area and information obtained from electronic devices used by company personnel for their work will be kept and recorded in the registry within the scope of Physical Security and Transaction Security.
• Explanations regarding the data subject group(s) and data categories belonging to these individuals, in the personal data to be processed by INTERFLEX Plastic Insulation Industry Trade Limited Company; Data Subject Groups;
- Job Applicant (Trial Staff)
- Employee - Authorized Representatives
- Individual/Institution from whom the Company purchases products or services
- Intern
- Supplier Employee
- Supplier Representative
- Individual/Institution from whom the Company purchases products or services
- Visitor These nine categories are comprised of the above-mentioned individuals. The Data Categories of Data Subjects, divided into nine groups as stated above, are: - Identity
- First Name, Last Name
- Mother's Name
- Father's Name
- Mother's Maiden Name
- Date of Birth
- Place of Birth
- Marital Status
- National Identity Card Serial Number
– Information such as Turkish Republic Identity Number; The identity information of personnel working for INTERFLEX Plastic Insulation Industry Trade Limited Company under the scope of labor legislation and registered with the Social Security Institution (SGK) is obtained for the purpose of fulfilling the obligations imposed on us by Social Security Legislation and will be kept as personal data. In online, written, or verbal orders, the identity information of the person or legal entity representative to whom the product will be shipped is obtained for the purpose of successful product shipment and will be kept as personal data. Identity information obtained from entities outside the company but related to services received by the company is collected for the purpose of ensuring the validity of the contract for both parties and will be kept as personal data.
- Communication: Information regarding residential address, email address, contact address, registered electronic mail address (KEP), and telephone number is collected for purposes such as facilitating communication between personnel, informing personnel of work instructions, etc., and will be kept as personal data. Information regarding orders and shipments is collected for online, written, or verbal orders and will be kept as personal data.
- Location: Location information obtained from vehicle tracking systems in vehicles provided to personnel working in the company's marketing department is kept as personal data within the scope of the nature of the work.
- Personnel Information: The information contained in the personnel files of the company's employees has been obtained within the scope of Social Security and Labor Law, and has been obtained with the explicit consent of the employees for purposes such as payroll preparation by the accounting unit, disciplinary investigations to be conducted by human resources, submission of entry and exit declarations, performance evaluations, and consideration of resume information. This information, which is considered personal data, will be kept by the company.
- Legal Transactions: Personal data and documents obtained for the purpose of sharing necessary information with the authorities authorized and responsible by law in legal problems that personnel or third parties with whom the company conducts its commercial activities may experience with the company or third parties will be kept by the company.
- Customer Transactions: Information regarding the recipient of documents such as invoices, checks, promissory notes, receipts, and order forms issued by the company in favor of third parties for the purpose of conducting its ordinary commercial activities has been obtained for the purpose of maintaining the commercial relationship between the parties, and this personal data and documents obtained will be kept by the company.
- Physical Security: Video recording devices located in the production area and management unit keep records of the entry and exit of company personnel and visitors, etc. Personal data and documents obtained from these devices, which are positioned to ensure the security of personnel and visitors and to be used in the resolution of possible problems, will be kept by the company.
- Transaction Security: Information and documents constituting personal data obtained from transactions on computers allocated to personnel for the purpose of conducting the company's normal business operations, including all company secrets, email addresses allocated to personnel, and transactions performed on programs used for accounting and personnel record keeping, will be kept by the company.
- Finance: Information and documents constituting personal data obtained regarding the balance sheet, credit and risk assessment, and asset information of business partners (individuals or institutions) within the scope of the company's commercial activities will be kept by the company.
- Professional Experience: Diplomas, courses, in-service training information, transcripts, and certificates demonstrating the education, experience, and skills of personnel to be employed by the company, obtained for the purpose of verifying that they meet the criteria sought by the company, are considered personal data and will be kept by the company.
- Marketing: Information and documents obtained within the scope of the marketing activities of the commercially active company are considered personal data and will be kept by the company.
- Race and Ethnic Origin: Due to the prohibition of employing foreign personnel without work permits under relevant legislation, the company requests nationality information from every employee applying for employment. In addition to nationality, information and documents regarding the existence of work permits are also requested from foreign nationals. Information and documents obtained from personnel with such permits are considered personal data and will be kept by the company.
- Health Information: For the purpose of the company continuing its commercial activities; information and documents obtained to ensure that necessary examinations are conducted in accordance with the obligations imposed on employers by Social Security Legislation, Labor Legislation, and the Occupational Health and Social Security Law, and to confirm whether there is any condition preventing the employee from working in that particular sector through a health report issued by a physician, and due to the obligation to employ disabled workers as stipulated in the Labor Law, are considered personal data and will be kept by the company.
- Criminal Conviction and Security Measures: In the event of new employee recruitment, a criminal record certificate obtained with the employee's explicit consent is considered personal data and will be kept by the company to determine whether the employee falls within the scope of the Labor Law as defined by company rules.
- Biometric Data: Fingerprints taken from employees; Fingerprint readers placed in various areas of the factory are used to keep records of employee entry and exit times in the factory and management units, ensuring work discipline and controlling employee entry and exit. Fingerprint data obtained within this scope is considered personal data and is kept by the company.
- Genetic Data: Based on information obtained from personnel undergoing pre-employment medical examinations within the scope of occupational health and safety legislation, basic genetic data such as blood type is obtained to meet needs in emergency situations. This data is used as needed for the purposes mentioned above and is kept by the company.
• Recipient(s) or recipient groups to whom personal data may be transferred: The relevant parties have access to the personal data mentioned above. The company's human resources department can access information such as identity, contact information, health information, diploma, biometric data, race, professional experience, legal transactions, etc., specified in the personnel file.
The following information is attached. Furthermore, the Finance and Accounting unit has access to the necessary information for the payment of employee salaries and the execution of commercial transactions with other individuals/institutions within the business relationship. The Finance and Sales unit, which establishes communication with individuals and institutions for the continuation of commercial activity, has access to the necessary information and documents regarding these individuals and institutions. The company's legal advisor has access to relevant information and documents regarding the company's own legal problems and legal issues faced by the company concerning its personnel.
• Personal data intended to be transferred to foreign countries: The company does not transfer any data to foreign countries.
• Measures taken regarding personal data security: The company has taken administrative and technical measures in this regard. Administrative Measures: Existing risks and threats have been identified; the data obtained by the company is not special categories of personal data, only basic personal data such as the titles and tax identification numbers of employees and companies/individuals with whom the company has commercial relationships. Relevant individuals have been trained on the obligations imposed by the Personal Data Protection Law regarding the protection of this information, and have been provided with the necessary knowledge and experience on the subject. This training emphasized the necessity for personnel in positions with access to personal data not to make or share statements that violate the law. It also provided information on minimizing the amount of unnecessary personal data obtained and discussed the potential consequences of data breaches. Necessary measures have been taken regarding cybersecurity. Given the reality of the modern age where all information and documents are stored electronically, our company has taken the necessary precautions to prevent potential attacks. Additional antivirus software and server security measures have been implemented.
• Maximum period for which personal data is necessary for the purpose for which it is processed: Information and documents containing personal data that must be obtained and stored due to their nature are kept in the company archive for the period mandated by law. However, upon the expiration of this period, this information and documents are immediately destroyed. Information and documents obtained previously are not retained on the grounds that they may be needed later. According to Social Security legislation and the Labor Law, information specified in employees' personnel files must be kept for 10 years following the year to which it relates. Personal data obtained within this scope will be kept for 10 years from the year to which it relates. After that, it will be immediately destroyed. According to the Tax Procedure Law, the company; Since keeping accounting records is mandatory, the accounting records and documents specified in the third section of the Tax Procedure Law (VUK) must be kept for a period of five years, starting from the calendar year following the year to which they relate. In this context, order forms, delivery notes, invoices, etc., commercial records will be kept for 5 years following the calendar year to which they relate. However, since the Turkish Commercial Code specifies a period of 10 years, commercial records will be kept for 10 years. This includes all types of commercial transactions such as check samples and payment documents. They will be immediately destroyed afterwards. They will be kept for one year and then immediately destroyed. Image recordings are stored for twenty days. In case of any problems, these recorded documents are automatically destroyed twenty days after the date they are recorded. Our company fulfills its obligations under the Personal Data Protection Law within the limits mandated by the law.
Click here for the Personal Data Protection Application Form.