LPPD
Privacy and Data Policy on the Processing and Protection of Personal Data
IDENTITY OF THE DATA CONTROLLER
Ankaref İnovasyon ve Teknoloji A.Ş. (“Şirket”) olarak, kişisel verilerinizin güvenliğine ve mahremiyetine önem veriyor ve bu itibarla sizlerden talep ettiğimiz ve bizlerle paylaştığınız kişisel verilerinize ilişkin olarak 6698 sayılı Kişisel Verilerin Korunması Kanunu (“KVKK”) kapsamında “Veri Sorumlusu” sıfatıyla aşağıdaki hususları Kanun’un 10. maddesinden doğan aydınlatma yükümlülüğünü yerine getirmek amacıyla bilgilerinize sunuyoruz.
PURPOSES OF PROCESSING PERSONAL DATA
Your personal data is collected and processed for the following purposes: carrying out the commercial activities conducted by our Company and related business processes, managing and executing relations with business partners and/or suppliers, technical management of our Company’s websites, customer management and tracking of complaints, product surveys and follow-up of questions you submit to our Company, providing information about the content of our products and services, ensuring customer satisfaction, managing customer complaints and requests, managing customer relations, conducting administrative operations related to communication carried out by our Company, following up contract processes and/or legal claims, conducting research and development activities, planning and conducting corporate communication and corporate governance activities, carrying out information security management services, determining and implementing our Company’s commercial and business strategies, creating and monitoring visitor records, fulfilling legal obligations in accordance with the purposes notified to the data subject at the time of data collection, and as required or mandated by applicable legislation. Your personal data is processed within the conditions and purposes of personal data processing set forth in Articles 5 and 6 of KVKK and limited to the purposes described above.
TRANSFER OF PERSONAL DATA AND PURPOSES OF TRANSFER
The personal data collected may be shared, in line with the purposes stated above and within the framework of Article 8 of the Law, with domestic official institutions and organizations, law enforcement agencies, courts and enforcement offices, third-party natural and legal persons with whom we cooperate, service providers, business partners, Company shareholders, suppliers, and support service providers, as well as domestic cloud storage service providers.
Your personal data may also be transferred abroad within the scope of the conditions specified in Article 9 of the Law, limited to the purposes set forth in this Policy, through third-party cookies activated upon your approval of this Policy and/or by changing your browser’s cookie preferences (e.g., Google cookies), and limited to the data accessible by such cookies. For detailed information regarding our cookie practices, please review our our Cookie Policy.
METHOD AND LEGAL BASIS OF COLLECTING PERSONAL DATA
Your personal data is collected verbally, in writing, or electronically through: Cookies created by our website, Third-party tracking cookies, Website usage measurement systems, Log records kept in line with our obligations under Law No. 5651 on the Regulation of Publications on the Internet, Other documents submitted by the relevant individual via the communication section of our website.
The personal data obtained through these methods are processed in accordance with Articles 5 and 6 of the KVKK and the fundamental principles of personal data protection law.
HOW DO WE STORE YOUR PERSONAL DATA?
Your personal data shared with our Company is stored on secure domestic servers, in accordance with legal regulations, KVKK provisions, and Company policies.
HOW LONG DO WE RETAIN YOUR PERSONAL DATA?
In compliance with KVKK, once the purpose requiring processing is eliminated and/or the statutory limitation periods for processing have expired, your personal data will be deleted, destroyed, or anonymized by us.
SECURITY MEASURES FOR YOUR PERSONAL DATA
Our Company takes all necessary technical and administrative measures, within the limits of available technology, to prevent unlawful processing of personal data and ensure secure storage.
RIGHTS OF DATA SUBJECTS
Pursuant to Article 11 of the KVKK, everyone has the right to apply to the data controller and request:
To learn whether their personal data is processed,
To request information if personal data has been processed,
To learn the purpose of processing and whether it is used in line with such purpose,
To know the third parties to whom personal data is transferred domestically or abroad,
To request the correction of incomplete or incorrect data,
To request deletion or destruction of data within the framework of Article 7,
To request notification of the actions taken as per (d) and (e) above to third parties to whom data has been transferred,
To object to results arising against themselves through analysis of data exclusively by automated systems,
To request compensation if they suffer damages due to unlawful processing of personal data.
HOW CAN YOU EXERCISE YOUR RIGHTS?
You may submit your applications here regarding the rights listed above by completing the Application Form available and sending it to the Data Controller.
According to the Communiqué on the Procedures and Principles of Application to Data Controller, applications must include: name, surname, signature if the application is in writing, Turkish ID number (or passport number if foreign), residential or workplace address for notification, email address (if available), telephone and fax numbers, and details of the request.
The Data Subject must clearly and explicitly state the matter requested in the application, including explanations regarding the right they wish to exercise, and must attach the relevant information and documents to the application.
The subject of the request must concern the applicant personally; however, if acting on behalf of another person, the applicant must be specifically authorized in this regard and provide documentation of such authorization (special power of attorney). In addition, the application must include the applicant’s identity and address information, and documents verifying their identity must be attached.
Requests made by unauthorized third parties on behalf of others will not be considered.
RESPONSE TIME TO YOUR REQUESTS
Requests regarding your personal data will be evaluated and responded to within 30 days at the latest from the date of receipt. However, if the process incurs an additional cost, our Company may charge the fee determined by the Personal Data Protection Board.
If your application is rejected, reasons for the refusal will be sent to the address or contact details you provided in your application primarily by email or post.
CONTACT INFORMATION OF THE DATA CONTROLLER
Ankaref Innovation and Technology Inc.
METU Technopolis, Twin Blocks, 1st Floor, No:3, Çankaya, Ankara
Tel: +90 312 299 21 64
Email : ankarefino@hs01.kep.tr
EN 
TR 
DE 
AR