Geoplas Plastik Zemin Teknikleri Kimya Sanayi Ticaret Limited Şirketi Clarifying Text

As Geoplas Plastik Zemin Teknikleri Kimya Sanayi Ticaret Limited Şirket, we pay utmost attention to the protection and security of your personal data. In this context, as the Data Controller, we would like to enlighten and inform you in the most transparent way about the collection of your personal data, the purposes of processing, the legal reasons for processing and your rights, in accordance with the Law on the Protection of Personal Data No. 6698 ("Law") and related legislation, which is regulated with the aim of protecting the fundamental rights and freedoms of individuals, especially the privacy of private life, and the protection of personal data

• Identity and address information of the data controller and its representative, if any; The legal person who will register to the VERBİS system in return for the performance imposed by the law numbered 6698 is Geoplas Plastik Zemin Teknikleri Kimya Sanayi Ticaret Limited Şirketi. The company, which is affiliated to the Sincan tax office with the tax identification number 394 034 89 20, continues its operation at Başkent Organize Sanayi Bölgesi 23. Cad. No:10 Malıköy Temelli Ankara. 

• For what purpose personal data will be processed; The personal data kept by the Geoplas Plastik Zemin Teknikleri Kimya Sanayi Ticaret Limited Şirketi shall be processed in order not to violate the confidentiality of private life, which is the purpose of the law that imposes the obligation to process personal data, and to protect the fundamental rights and freedoms of individuals and to comply with our company's policies. Personal information received from employees working in the company, data obtained from personnel due to legal obligations such as company procedures, Social Security Legislation and Labor Legislation shall be registered as Personal data. The data and personal data obtained by the company by material supply, purchasing services such as information, accounting and lawyer services and continuing its commercial activities such as trading shall be registered. At the same time, the records obtained by the Video Recorders located within the Company's production area and the information obtained from the Electronic devices used by the Company Personnel to carry out their work shall be kept within the scope of Physical Space Security and Transaction Security and registered. 

 The explanations about the group and groups of persons subject to data and the data categories belonging to these persons, in personal data to be processed by Geoplas Plastik Zemin Teknikleri Kimya Sanayi Ticaret Limited Şirketi; 

Groups of Persons Subject to Data consist of nine titles listed below;

- Employee Candidate (Employee in Trial Process)

- Employee

- Authorized Representatives

- Person and Institution from which the company receives its product or service 

- Intern

- Supplier Employee 

- Supplier Official

- Person and Institution Receiving Product or Service from the Company 

Visitor Data Categories of Persons Subject to Data which is divided into nine groups as mentioned above; 

Information such as; 

- Identity 

- Name, Surname 

- Mother’s Name

- Father’s Name

- Mother’s Maiden Name

- Date of Birth

- Place of Birth

- Marital Status

- Serial Number of Identity Card

-TR Identity Number; the identity information of the personnel working with the SSI within the scope of the labor legislation in Geoplas Plastik Zemin Teknikleri Kimya Sanayi Ticaret Limited Şirketi has been provided for the purpose of fulfilling the acts imposed on us by the Social Security Legislation and shall be kept as personal data. In online, written or verbal orders, the identity information of the person or the representative of the legal person to whom the product will be shipped has been provided for the successful delivery of the product and shall be kept as personal data. Identity information provided outside of the company but due to the services received by the company has been provided to be a valid contract for both parties and shall be preserved as personal data. 

- Information such as; Contact -residential address – e-mail address – contact address – registered e-mail address (REM) – phone number; has been provided within the scope of issues such as providing communication between the personnel, notifying the work instructions to the personnel, and shall be kept as personal data. In online, written or verbal orders, it has been provided within the scope of providing information about the order and shipment with the ordering person or institution, and such personal data shall be kept. 

- Location; The location information obtained by the vehicle tracking system in the vehicles given to the personnel performing service in the Marketing department of the company is kept within the scope of the nature of the work and shall be kept as personal data. 

- Entity; The information in the personal file of the company personnel has been provided within the scope of Social Security legislation and labor legislation and with the express consent of the personnel due to issues such as payroll arrangement by the accounting unit, disciplinary investigation by the human resources, submission of the employment and exit declarations, performance evaluation, and considering the background information, and this information, which is personal data, shall be kept by the company. 

- Legal Action; The information and documents which are the personal data obtained for the purpose of making necessary shares with the authorities authorized and assigned by the Law in legal problems that the personnel or the third Persons and institutions with which the company conducts its commercial activities will experience with the company or third parties shall be kept by the company. 

- Customer Operations; Information on the addressee of the documents such as invoices, check notes, receipts, order forms issued by the company in favor of third parties in order to continue their ordinary commercial activities has been provided for the continuation of the commercial relationship between the parties, and these information and documents obtained and in the form of personal data shall be kept by the company. 

- Physical Space Security; Video Recorders located in the production area and management unit record entry and exit of the company personnel and visitors etc. Information and documents in the form of personal data obtained from these devices, which are located to ensure the safety of personnel and visitors and to be used in solving possible problems, will be kept by the company. 

- Transaction Security; Information and documents in the form of personal data obtained from transactions carried out on computers that contain all company secrets and allocated to use by the personnel in order to continue the ordinary commercial activities of the company, e- mail addresses allocated by the company to the of personnel, and from the transactions made in the program used to carry out accounting transactions and to record personal information shall be kept by the company. 

- Finance; Within the scope of the commercial activity of the company; The balance sheet of the business partner who is a person or an institution, the information obtained in the scope of credit and risk assessment, and personal data and documents regarding its assets information shall be kept by the company. 

- Professional Experience; Diploma, course, vocational training information, transcripts and certificates showing the training experience and abilities of the staff to be employed within the company, in order to control the criteria required by the company are personal data, and these information and documents shall be kept by the company. 

- Marketing; The information and documents obtained by the company engaged in business within the scope of marketing activities are personal data, and these information and documents shall be kept by the company. 

- Race and Ethnicity; Due to the ban on the work of foreign personnel who do not have a work permit as per the legislation, nationality information is requested from all employees applying for employment. In addition to the nationality of foreign personnel, information and documents are also requested for the presence of work permits. These information and documents received from personnel with such information and documents are of personal data and shall be kept by the company. 

- Health Information; In order to continue the commercial activities of the company; Information and documents obtained as a result of performing the necessary examination in accordance with the acts imposed on the employers by the Social Security Legislation, the 

Labor Legislation and the Occupational Health and Social Security Law, for the purpose of being fixed with a health report to be prepared by a physician whether there is a situation that prevents the personnel from working in that line of business, and due to the obligation to employ handicapped workers stated in the Labor Law are personal data, ad these shall be kept by the company. 

- Criminal Conviction and Security Measures; In case of recruitment of new personnel to the company, when recruiting under company rules, the document regarding the criminal record obtained with the explicit consent of the worker for the purpose of determining whether the worker is within the scope specified by the Labor Law is personal data, and this document shall be kept by the company. 

- Biometric Data; Fingerprints taken from the personnel; The use of the fingerprint reading device placed in various parts of the factory to keep the entry and exit payroll records of the personnel working in the factory and the management unit, ensures the work discipline and ensures the control of the entrance and exit of the personnel. The fingerprint data taken within this scope is personal data and is kept by the company. 

- Genetic Data; In the light of the information received from the personnel who were examined for employment entry within the scope of the Occupational Health and Safety legislation; basic genetic data such as blood type are provided to meet the needs in emergency situations. These data are used in case of need for the above mentioned purpose and are kept by the company. 

• Recipients or groups of recipients to whom personal data can be transferred, The personal data mentioned above are accessible to those concerned. The human resources unit in the company can access the issues such as Identity, communication, health, diploma, biometric data, race, professional experience, and legal process specified in the personal file. In addition, the Finance and Accounting unit can access the necessary information for the payment of the personnel and for conducting business transactions with the other person / institution in a business relationship. The Finance and Sales unit, which gets into contact with persons and institutions for the purpose of continuing commercial activity, has access to the necessary information and documents related to these persons and institutions. In the company's own legal problem and the legal problems faced by the company regarding personnel, the relevant information and document can be accessed by the consultant lawyer from whom the company provides services. 

• Personal data intended to be transferred to foreign countries, The company does not transfer any data to foreign countries. 

• Measures taken regarding personal data security, Administrative and technical measures have been taken by the company in this regard. Administrative Measures; Current Risks and Threats Have Been Determined; and The data obtained by the company are not private personal data, only basic personal data including information about the titles and Tax Identification numbers of the company / persons that are in its body and have a commercial relationship is obtained. Regarding the protection of this information, those concerned are 

trained on the obligations imposed by the Law on Personal Data Protection, and they are provided with the necessary knowledge and experience on the subject. With this training, it is emphasized that the personnel in a position that can access personal data should not make and share illegal statements. Also, necessary information is provided about reducing the data provided by redundant personal data as much as possible, and possible consequences in case of data breach are emphasized. Necessary measures were taken at the Cyber Security Point. Our company has taken the necessary measures in order to prevent any possible attacks against the fact that all kinds of information and documents are kept electronically within the scope of the contemporary conditions. 2 separate firewalls have been established against attacks on the company network and external connections, and these firewalls have protected the company against cyber-attacks. Our firewall device (Firewall) in our company is Sophos brand XG115 model. We have a license. Necessary measures have been taken at the security point with the extra virus program and the server. 

• Maximum time required for the purpose for which personal data are processed; Information and documents containing personal data that must be provided and stored by nature are kept in the company archive as long as the law orders. However, if this period expires, this information and documents are destroyed immediately. Information and documents provided previously are not kept on the grounds that they may be needed later. According to the Social Security legislation and the Labor Law, the information specified in the employee files of the workers should be kept for 10 years following the year in which they are related. Personal data obtained in this context shall be kept for 10 years as of the relevant year. Then it shall be destroyed immediately. According to the Tax Procedure Law; since the company is obliged to keep books, it is obliged to keep the documents written in the third part of the TPL with the books for five years starting from the calendar year following their respective years. Commercial records such as order form, delivery note, invoice etc. obtained within this scope shall be kept for 5 years following the calendar year in which they are related. However, since these periods are specified as 10 years in the Turkish Commercial Code, commercial records shall be kept for 10 years. This includes any commercial transactions such as Check Samples - Payment documents – etc. Then it shall be destroyed immediately. It shall be kept for a year and then destroyed immediately. The image recordings are kept for twenty days. This document, which is recorded against possible problems, is self-destructed twenty days after its registration. Our company fulfills the performance of our company within the limits ordered by the law within the scope of the Law on Personal Data Protection. 

Click for Application Form on Protection of Personal Data. 

Kişisel Verilerin Korunması Başvuru Formu İçin Tıklayınız.