As Key Yazılım Çözümleri A.Ş. (Key Software Solutions INC), (“Company”, “Data Controller”), attaches importance to the security and privacy of your data, and in this dignity, your data that we request from you and share with us, as a “Data Controller” within the scope of the Personal Data Protection Law No. 6698 (“KKVK”), we present the following issues for your information to fulfill the informing obligation arising from Article 10 of the Law.

WHICH OF YOUR DATA IS PROCESSED

Your data is processed verbally, in writing, or electronically, via automatic or non-automatic methods, such as the website, social media, and e-mail. The following personal data (including but not limited to those listed) that you have provided to us and/or can be updated due to your interest in or benefit from our company’s services and products can be processed:

• Your name, surname, date of birth, and the other data in your identity
• Your phone number, e-mail addresses, and other your communication data such as your address,
• If you use our websites, your behavior and digital trace information obtained through cookies,
• If you visit our company, your images through closed circuit camera recording systems,
• Your visual and audio data that we have obtained within the framework of our promotions, workshops, and similar organizations,
• If you are a business partner of our company, your financial data such as bank account number, IBAN, invoicing information for the execution of contracts,
• Activity certificate, professional chamber registration, etc. obtained within the scope of the performance of the contract. provide professional data and, if necessary, the circular of signature and signature provided,
• If you are an employee of our company or if you work for an employer in a business partnership with our company; your training data, your service contract within the framework of your employment relationship, your work inclination, and your performance; your health data; your data on private health insurance and financing; Your Social Security Institution data; TCKN, your visa/passport data; your vehicle data and, without limitation, your other personal data that can be processed within the scope of your service contract,

PURPOSE OF PROCESSING PERSONAL DATA AND LEGAL REASON

Your personal data, the realization of commercial activities carried out by our company and the management and execution of related business processes, business partners and / or relations with suppliers, technical management of our company’s websites, customer management and follow up of requests / complaints, customer satisfaction surveys and follow-up of questions you send to our company , our business units carry out the necessary work to benefit you from the products and services offered by our company, planning and executing sales, marketing and after-sales processes of products and/or services, informing about the contents of our company’s products and services, customer satisfaction, managing customer complaints and demands , customer relations, holding and conducting meetings, workshops, training and other organizations within our company, conducting legal and commercial relations with our company and people who have business relations with our company, and conducting these relations ensuring the security,administrative operations for communication carried out by our company, employee administration and management, ensuring the physical security and supervision of the company’s locations, tracking contract processes and/or legal requests, planning and executing Human Resources and personnel recruitment processes, and following up and carrying out training and training activities, planning and/or execution of health and/or security processes, conducting research and development activities, ensuring that our Company can benefit from incentives, planning and executing corporate communication and corporate governance activities, carrying out information security management services, monitoring and auditing financial and/or accounting works, and Carrying out activities for the determination of financial risks, determining and implementing our company’s commercial and business strategies, for the purposes to be notified to the person concerned during the acquisition of information and as required or in line with the relevant legislation. To ensure the fulfillment of legal obligations as required and limited to these purposes; In Article 5 of KVKK, “The data controller must apply its legal obligations”, “the data processing is mandatory for the legitimate interests of the data controller, provided that it does not harm the fundamental rights and freedoms of the data subject”, “provided that it is directly related to the establishment or performance of a contract, personal data belonging to the parties of the contract” necessary to process the data” It is processed based on legal reasons and in line with the basic principles of personal data protection law.

TRANSFERRING PERSONAL DATA

Your collected personal data, within the framework of the personal data processing conditions and purposes specified in Articles 8 and 9 of the Law, for the purposes specified in the Clarification Text, domestic law enforcement agencies, law enforcement agencies, courts, and enforcement offices, third party real and legal entities, affiliates, customers, service providers/suppliers, business partners, company shareholders, and board members, domestic institutions and organizations from which we receive data storage and storage services, and individuals and organizations with whom we receive contractual services and cooperate to carry out our activities. Your data is not transferred abroad.

PERSONAL DATA PROCESSING METHODS

Application forms, employment contracts and other commercial agreements, customer satisfaction forms, supplier evaluation forms, and other forms and documents are filled and submitted to us, CVs are submitted to us by relevant persons, and electronic tracking and physical access control systems in the workplace (e.g. biometric and card-based access control systems) access systems, CCTV), information systems and electronic devices (eg telecommunications infrastructure, computers, and telephones), İŞKUR and private employment offices (including Kariyer.net, etc.), third parties (eg: KKB and Findeks), online, third Cookies/Cookies collected through parties, Tracking Cookies/Tracking Cookies created by third parties (eg Hotjar), site usage measurement systems and other documents declared by the person concerned are collected verbally, in writing or electronically.

STORAGE OF PERSONAL DATA

Your data will be deleted, destroyed, or anonymized by us by the KVKK and other applicable legislation, when our purpose for processing ceases and/or when the statute of limitations for us to process your data expires by the bill.

SECURITY OF YOUR DATA

Our company takes all possible technical and administrative measures, and technological possibilities, to prevent the unlawful processing of your data and to provide the necessary level of security for the safe keeping of your data.

YOUR LEGAL RIGHTS AS A RELATED PERSON

By Article 11 of the KVKK, regarding your data, provided that you prove your identity;

• To learn if the company processes personal data about you, and if so, to request information about it,
• To learn the purpose of processing your data and if they are used for the purpose,
• You have the right to learn if data is transferred domestically or abroad and to whom.

In addition, you have the right to request the company to correct your inaccurate and incomplete personal data and to inform the recipients whose data has been or may have been transferred.

You may request the company to have your data destroyed (deleted, destroyed, or anonymized) within the framework of the conditions stipulated in Article 7 of the KVKK. At the same time, you can request that the third parties to whom the data has been or may be transferred be informed about your destruction request. However, by evaluating your destruction request, we will evaluate which method is appropriate according to the conditions of the concrete case. In this context, you can always request information from us about why we have chosen the destruction method we have chosen.

You can object to the results of your personal data analysis, created exclusively using an automated system if these results are contrary to your interests. If you suffer damage due to the unlawful processing of your data, you can request the removal of the damage.

Your requests in your application will be concluded free of charge within thirty days at the latest, depending on the nature of the request. However, if the transaction requires a separate cost for the Company, the fee in the tariff determined by the Personal Data Protection Board may be charged. You must submit your application, written petition, and personally prove your identity, to our Company regarding the processing of your data.

METHODS OF USE OF YOUR RIGHTS

You can submit your applications regarding your rights listed above to the Data Controller by filling out the application form in the link above.

By the Rescript on the Procedures and Principles of Application to the Data Controller, the name, surname, signature if the application is in writing, T.C. identification number, (passport number if the applicant is a foreigner), residence or workplace address for notification, e-mail address for notification, if any, telephone number and fax number, and information on the subject of the request.

The Relevant Person must clearly and comprehensibly state the subject requested in the application, which includes explanations regarding the right he/she will make and request to use the above-mentioned rights. Information and documents related to the application must be attached to the application.

Although the subject of the request must be related to the person of the applicant, if acting on behalf of someone else, the applicant must be expressly authorized in this regard and this authority must be documented (special power of attorney). Moreover, the application must contain identity and address information, and documents confirming identity must be attached to the application.

Requests made by unauthorized third parties on behalf of someone else will not be considered.

RESPONSE TIME TO YOUR REQUESTS

Your demands regarding your data are evaluated and answered in 30 days at the latest from the date they reach us. However, if the transaction requires an additional cost, the fee in the tariff determined by the Personal Data Protection Board will be charged by our company.

If your application is evaluated negatively, the reasons for rejection are sent to the address you specified in the application, primarily by e-mail or postal mail, using one of the methods selected in the application form below.

If your data is changed in any way, please update your data by contacting us through the communication channels listed below.

Data Controller Contact Information:

       Key Yazılım Çözümleri A.Ş. (Key Software Solutions Inc.)