Privacy Policy

PRIVACY POLICY OF HOLONET BİLİŞİM TEKNOLOJİLERİ SANAYİ VE TİCARET A.Ş.

The purpose of this Privacy Policy of HOLONET BİLİŞİM TEKNOLOJİLERİ SANAYİ VE TİCARET A.Ş. (“Privacy Policy”) is to determine the terms and conditions regarding the use of personal data shared during the operation of the website of www.holonext.com (“Website”) operated by Holonet Bilişim Teknolojileri Sanayi ve Ticaret A.Ş. (“Company”) by the users of the Website, its members or its visitors (“Data Owner”) with the Company or the personal data produced by the Company, by the Data Owner during her/his use of the Website.

The Data Owner declares that s/he is informed about processing of her/his personal data by this Privacy Policy and that s/he gives her/his consent to use of her/his personal data as specified herein.

Which Data Is Processed?

Data processed by the Company and considered as personal data pursuant to the Protection of Personal Data Law numbered 6698 (the “PPD Law”) are listed. Unless otherwise expressly stated, the term “personal data” shall include the following information within the scope of the terms and conditions provided under this Privacy Policy:

  • Identity Information
  • Contact Information
  • Process Information
  • Safety Information
  • Financial Information
  • Marketing Information

The data owner may also share her/his “special categories of personal data” (personal data related to race, ethnic origin, political opinion, philosophical belief, religion, sect or other beliefs, clothing and outfit, membership to association, foundation or syndicate, health, sexual life, criminal conviction and safety precautions and the bio-metrical and genetic data) with the Company on the Website, and the Data Owner gives her/his explicit consent to processing of her/his data under these circumstances within the scope of this Privacy Policy for the purposes mentioned.

Pursuant to the Article 3 and 7 of the PPD Law, anonymized data shall not be considered as personal data in accordance with the provisions of the referred law, and processing activities related to this data shall be performed without being subject to the provisions of this Privacy Policy.

For What Purposes Is the Data Used?

The Company can process personal data provided by the Data Owner for the purposes of the performance of necessary works by business units and related business processes to give benefit to personal data owners from services offered by the Company, including to give benefit to the Data Owner from the services provided on the Website, and planning and execution of activities required to offer and introduce, do marketing to relevant persons by customizing these services in accordance with likes, usage habits and needs of the personal data owners and ensuring the legal, technical and commercial-occupational safety of the Company and those persons who have a business relationship with the Company, and the planning and execution of the business strategies of the Company.

The Company can process and share personal data with third parties in accordance with Articles 5 and 8 of the PPD Law and/or in the existence of exceptions in the relevant legislation, without obtaining the consent of the Data Owner.

These situations are listed below:

Explicitly prescribed by law,

  • It is mandatory for the protection of life or physical integrity of the person or of any other person who is unable to disclose her/his consent due to actual impossibility or whose consent is not deemed legally valid,
  • It is necessary to process personal data, provided that it is directly related to the establishment or performance of any contract between the Data Owner and the Company,
  • It is mandatory for the Company to fulfill its legal obligations,
  • The data concerned is made available to the public by the Data Owner her/himself,
  • Data processing is mandatory for the establishment, exercise or protection of any right,
  • Processing data is mandatory for the legitimate interests of the Company, provided that this processing shall not violate the fundamental rights and freedoms of the Data Owner.

Who Can Access Data?

The Company may transfer the personal data belonging to the Data Owner and the new data obtained by using this personal data to the third parties in the country or abroad that the Company gains benefit from their services in order to fulfill the purposes determined by this Privacy Policy, provided that such transfer is restricted with the purpose of the provision of the mentioned services.

The Company will be able to share these with third parties such as outsourcing service providers including those who send SMS, hosting service providers (hosting services), law offices, research companies, call centers, in order to improve the Data Owner experience (including improvement and customization), to ensure the security of the Data Owner, to detect fraudulent or unauthorized uses, to conduct operational evaluation research, to carry out troubleshooting regarding the Website services, and to fulfill any of the purposes contained in this Privacy  Policy.

The Data Owner acknowledges that the mentioned third parties may be able to store Personal Data of the Data Owner on their servers all around the world, provided that it is restricted with the purposes stated above, and that s/he gives her/his consent in advance.

What are the Rights of Personal Data Owner?

Pursuant to Article 11 of the PPD Law, the Data Owners have rights:

(i) To learn as to whether her/his Personal data has been processed,

(ii) if her/his Personal data is processed, to request information in this regard,

(iii) to learn the purpose of processing her/his Personal data and as to whether these are used appropriate to its purpose,

(iv) to know the third parties in the country or abroad to which her/his personal data is transferred,

(v) to request for the correction of her/his personal data if these are processed incompletely or incorrectly and to request the notification to the third parties to whom her/his personal data has been transferred of the transaction realized within this scope,

(vi) to request the erasure or destruction of her/his personal data in the event of the disappearance of the reasons requiring the processing of these, even if these have been processed pursuant to the PPD Law or provisions of other related law, and to request the notification to the third parties to whom her/his personal data has been transferred of the transaction realized within this scope,

(vii) to object to a result which is occurred against her/him by analysing the processed data exclusively through automated systems,

(viii) to request the indemnification of damages in case s/he has incurred damages due to the process of her/his personal data in violation of the law.

Such rights shall be evaluated and concluded within 30 (thirty) days if these are transmitted by personal data owners. Although it is essential that no fee is requested for the requests, the Company reserves the right to request a fee on the tariff of fees determined by the PPD Board, if the process also requires an additional cost.

The Data Owner undertakes that the information subject to this Privacy Policy is complete, correct and up-to-date, and that any changes occur in this information, s/he will update the same immediately. The Company shall not have any responsibility if the Data Owner has not provided up-to-date information.

The Data Owner hereby declares that s/he agrees that s/he may not be able to make use of the operation of the Website fully if s/he makes a request that results in the failure of usage of any of her/his personal data by the Company, and that s/he will be liable for any kind of responsibility arising within this scope.

What is the Retention Period of Personal Data?

The Company will retain the personal data provided by the Data Owner during the period required by the above-mentioned processing purposes.

In addition to this, in case of any dispute arising between the Company and the Data Owner, the Company may retain personal data during the statute of limitations specified in the relevant legislation and restricted with the purpose of the realization of its defences required within the scope of the dispute.

What are the Precautions and Undertakings Regarding Data Security?

The Company undertakes to take the necessary technical and administrative measures and to perform required audits to ensure the appropriate level of security, for the purpose of ensuring

  • that the personal data is not illegally processed,
  • that the personal data is not illegally accessed and
  • that the personal data is retained,

within the conditions set out in the relevant legislation or expressed in this Privacy Policy.

The Company shall not disclose the personal data that it has obtained about the Data Owner to anyone else in violation of the provisions of this Privacy Policy and the PPD Law and shall not use it other than processing purpose.

If a link is provided to other applications on the Website, the Company takes no responsibility regarding the Privacy policies and contents of these applications.

Cookies

Our Company uses technology called cookies in order for you to make the most efficient use of our Website and to improve your user experience. If you do not prefer using Cookies, you can delete or prevent Cookies from your browser settings. However, we would like to remind you that this may affect your use of our Website.

Unless you change your Cookie settings from your browser, it is assumed that you accept the use of cookies on this Website.

Changes to the Privacy Policy

The Company may make changes to the provisions of Privacy Policy any time. The present Privacy Policy takes effect on the date that it is submitted to the Data Owner by any means.