TRIDI PERSONAL DATA PROTECTION AND PRIVACY POLICY

As Tridi Teknoloji Anonim Şirketi (“Tridi”) we attach great importance to ensuring the privacy of users and protecting their personal data so that users of our website www.tridi.co (“Tridi Website”) can benefit from the services we provide on the Tridi Website in a safe, peaceful, and complete manner. Accordingly, this Personal Data Protection and Privacy Policy (hereinafter referred to as the "Policy") is integrated with our Cookie Policy on our Tridi Website. Therefore, we recommend that you review our Personal Data Protection and Privacy Policy together with our Cookie Policy.

This Policy has been prepared in order to process the personal data of Tridi Website users in accordance with the Personal Data Protection Law No. 5598 (“Law”) and to inform the users about this issue. Also, with this Policy, Tridi aims to determine the conditions regarding the use of personal data shared by any user (commonly referred to as the "Data Owner") with Tridi during the operation of the Tridi Website or generated by Tridi during the use of the Tridi Website by the Data Owner.

In the content of this Policy, the Tridi Website users can access comprehensive information regarding the protection of their personal data and privacy regarding their use of Tridi Website.

WHICH PERSONAL DATA IS PROCESSED?

User data that is considered personal data and processed by Tridi in accordance with the above-mentioned Law are as follows: Identity Information, Contact Details, User Information, User Transaction Information, Transaction Security Information, Financial Information, Marketing Information, Demand Management Information.

Unless otherwise stated, the term "Personal Data" shall include the data specified above, as part of the conditions provided within the scope of this Policy. However, it should be noted that data that has been irreversibly anonymized pursuant to Article 7 of this Law will not be considered as Personal Data in accordance with the provisions of this Law. Processing activities regarding the data created in this way are carried out independently of the provisions of this Policy.

HOW AND WHY?

Tridi collects the Personal Data from the transactions of the users through the Tridi Website and processes and transfers them for the purposes and reasons specified in this Policy.

Tridi may process Personal Data provided by the Data Owner for the purposes listed below:

  • Registration of membership for the Tridi Website and keeping the related records.

  • Planning and execution of Tridi's commercial or business strategies

  • Ensuring the legal, commercial, and technical security of Tridi and the people with whom it has business relations.

  • Enabling users to effectively benefit from the services provided through the Tridi Website.

  • Monitoring the performance by detecting system errors and improving and developing the functioning of the Tridi Website.

  • .Carrying out the necessary work by the relevant business units for facilitating the commercial activities carried out by Tridi.

  • Carrying out the necessary work by the business units to allow the users benefit from the products and services offered by Tridi.

  • Carrying out the necessary actions to recommend and promote the products and services offered by Tridi to the relevant users by customizing them according to the tastes, usage habits, and needs of the users.

EXPRESS CONSENT

In case of the express consent of the Data Owner, Tridi will be able to process Personal Data for the following purposes by tracking the data owners' actions on the Tridi Website:

  • Generating statistics and profiling.

  • Improving the user experience.

  • Direct marketing and remarketing.

  • Creating user-specific promotions and and sending them to the relevant user.

  • Using the data obtained within the specified scopes in the content of advertisements and materials.

It should be noted that Tridi may share Personal Data with the parties specified and in the following ways under the conditions set forth above.

HOW TO TRANSFER?

In line with the purposes and principles set forth in this Policy, Tridi may transfer the Personal Data of the Data Owner users and the new data obtained to the third parties whose services it benefits from. Besides, Tridi may also transfer Personal Data and new data obtained from this data to outsourced service providers, hosting service providers, research companies, call centers and, when necessary, law firms for the following purposes:

  • Making operational evaluations,

  • To ensure the security of the Data Owner user,

  • To detect fraudulent or unauthorized use,

  • Troubleshooting errors in the Tridi Website services and similar purposes.

Tridi may share the Personal Data of Data Owner users with Tridi company officials, shareholders, business partners, and authorized public and private institutions and organizations in accordance with the conditions specified in Articles 8 and 9 of the Law. On the other hand, Tridi may transfer the said Personal Data abroad within the framework of the conditions set forth in Article 9 of the Law in line with the decisions of the Personal Data Protection Board.

RIGHTS OF THE DATA SUBJECT

Data Owners have the following rights in accordance with Article 11 of the Law:

  • Learning whether their Personal Data is processed, and requesting information if their Personal Data has been processed,

  • Learning the purpose of processing personal data and whether the personal data is used in accordance with its purpose, knowing the third parties to whom their personal data are transferred in Turkey or abroad,

  • Requesting correction of personal data in case of missing or incorrect processing, and requesting notification of the transaction made within this scope to third parties to whom personal data has been transferred,

  • Despite the fact that it has been processed in accordance with the provisions of the Law and other related laws, if the reasons requiring its processing are invalid, requesting the deletion or destruction of Personal Data and requesting the notification of the transaction made within this scope to the third parties to whom the personal data has been transferred,

  • Objecting to the emergence of a result against the person himself due to analyzing the processed data exclusively through automated systems, and,

  • Requesting compensation for the damages in case damages due to unlawful processing of personal data.

 

PRIVACY STATEMENT

Tridi Teknoloji Anonim Şirket (Tridi or Company), we are extremely sensitive about and attach importance to protection of your personal data. With this awareness, we process all personal data of any individual associated with Tridi in accordance with Personal Data Protection Law (KVKK) and other applicable legislation. 

Tridi acting in the capacity of “Data Controller” as defined in KVKK, processes your personal data with care for the purposes and using methods specified below, within the limits of the legislation and in accordance with the destruction requirements and durations.

1) Definitions

For the purposes of this Information Notice on Protection of Personal Data:

Personal Data: refers to any data related with an identified or identifiable real person (name, surname, T.R. identification number, address, telephone, log-in/ log-out times, position, curriculum vitae, place of birth, date of birth, e-mail address, video records and similar other data),  

Special Categories of Personal Data: refers to any data requiring stricter protection than the other personal data as the disclosure thereof may lead to discrimination or aggravation (race, ethnic origin, political view, religious belief, sect, clothing style, union membership, health, biometric data and similar other data),   

Processing of Personal Data: refers to any activity performed on the personal data, including the collection of the personal data with non-automatic methods as a part of automatic or any data registration system, storage, modification of the personal data, disclosure to third persons and transfer abroad,

KVKK: refers to the Personal Data Protection Law No. 6698 that took effect upon promulgation in the Official Gazette of 7 April 2016,   

Communique: Communique No. 30656 on Procedures and Principles Regarding the Performance of the Obligation to Inform that took effect upon promulgation in the Official Gazette of 10 March 2018, 

Authority: refers to the Personal Data Protection Authority,  

Data Processor: refers to a real or legal person processing Personal Data based on the authorization given by and in the name of the data controller. 

Data Controller: refers to a real or legal person who is responsible to determine the objectives and means of processing personal data, establishes and manages the data storage system.

Data Subject: refers to a real person whose personal data are processed.

2) Data Controller and Contact Person

Data Controller: Tridi Teknoloji Anonim Sirketi

Address : İTÜ Ayazağa Kampüsü Teknokent Arı 4 Binası Katar Cad. No: 2/50/6 Sarıyer / İstanbul

Contact Person : Çınar Topaloğlu

3) Collection of Personal Data, Method of Collection and Processing

Personal data of our customers, customer's stakeholders, customers’ users, employees, prospective employees, shareholders, suppliers, business partners, employees of the collaborated companies or business partners, visitors and other 3rd persons that are in our possession may be collected verbally, in writing or electronically via relevant departments, contact forms, telephone calls, electronic applications, software, various contracts, electronic mail, social media and similar other means and processed automatically or non-automatically in accordance with the Constitution of the Republic of Turkey, International Conventions signed by our country and Personal Data Protection Law No. 6698.

Therefore, as Data Controller, we would like to inform you about the Processing of Personal Data in accordance with the KVKK.

Pursuant to Article 4 of the KVKK, your personal data will be stored and processed: 

i. in compliance with the law and good faith principle, 

ii. accurately and in accordance with the current practices,  

iii. for clear, express and legitimate purposes,

iv. in a manner that is related and proportionate with the purpose of processing, 

v. for the duration as specified in the applicable legislation or for as long as required for the purposes of processing. 

4) Objective of Processing Personal Data

Your personal data collected will be processed for the following purposes in accordance with personal data processing conditions specified in Articles 5 and 6 of KVKK and the Communique:

i. performance of the activities by our business functions in parallel with the purpose of incorporation and our Company's operations,  

ii. maintaining the contact and affairs with the customers, customer's stakeholders, customers’ users, suppliers, business partners, employees of the collaborated companies and business partners and other 3rd persons, 

iii. establishing the communication and affairs with employees, prospective employees, shareholders and executives,  

iv. maintaining the collection and procurement activities and accounting/ financial affairs,  

v. ensuring the physical security and audit of the offices and other locations of our Company,  

vi. conducting assessment, complaint management, legal compliance, internal audit, analysis and other processes of our Company,  

vii. allowing our employees to use healthcare services,   

viii. secure performance of the logistics activities,  

ix. performance of the national and international projects and growth efforts in compliance with the law,  

x. due implementation of the financial processes in our Company,  

xi. due implementation of the human resources processes in our Company,

xii. maintaining the operations in the office as required,  

xiii. maintaining the mandatory and voluntary efforts within the scope of the Information Technologies,  

xiv. ensuring the legal and commercial security of our Company and real and legal persons that have a business relationship with our Company,

5) Transfer of Your Personal Data 

Your personal data may be transferred to foreign investors, employees thereof, shareholders, executive management, business partners, suppliers, business contacts, employees,  those assisting in the performance for the objectives including but not limited to the foregoing objectives in accordance with the KVKK and other applicable legislation, and to third persons in the country and abroad as specified in the legislation applicable to the regulatory authorities and audit authorities in accordance with the business line and objectives.  

6) Storage and Deletion of Personal Data 

Our Company stores personal data processed for the durations specified in the applicable Legislation, or Company policies subject to compliance with the applicable legislation. 

In case it is  practices depending on services provided by our company during processing of the date, and upon expiry of that duration, data is stored solely for the durations that are required to submit evidence in case of legal disputes. Upon expiry of the durations specified above, personal data is deleted, destroyed or anonymized through methods described in the Company's policies.

7) Your Rights as Data Subject 

7.1 Pursuant to Article 11 of KVKK, you have right to: 

i. Get information as to whether your personal information is processed or not. 

ii. Get information if your personal information is processed. 

iii. Get information on the purpose of processing personal data and as to whether they were used in accordance with the purpose. 

iv. Get information on local and foreign third parties who were transferred your personal information. 

v. Request correction if your personal data were processed inaccurately or incompletely. 

vi. Request deletion or destruction of your personal data in accordance with the conditions stipulated in KVKK and other applicable legislation.not specified in the applicable legislation, personal data is stored for the duration of processing required for our Company’s practices and ordinary business

vii. Request notification of third persons who are transferred your personal data in case you request correction of incomplete or wrong data and deletion or destruction of your personal data. 

viii. File objection against unfavourable results obtained through analysis of personal data using automatic systems only. 

ix. Claim compensation of losses and damages you may suffer from due to illegal processing of personal data. 

For the purpose of exercising the aforementioned rights, as a Data Subject, you may complete the relevant Application Form and deliver it to “İTÜ Ayazağa Kampüsü Teknokent Arı 4 Binası Katar Cad. No: 2/50/6 Sarıyer / İstanbul” address upon signing and in person or by mail or via Notary Public together with the information and documents related with the subject of application,   

scan the form and send it to info@tridi.co address via electronic mail, using the electronic mail address notified to Tridi and recorded by Tridi,  

For the purpose of exercising your rights as a data subject, the application containing your explanations on the right intended to be exercised should: 

i. be clear and comprehensible,   

ii. be relevant to a personal request, 

iii. document your special power to do so if you act for and on behalf of others,  

iv. contain your identification and address details,  

v. contain documents substantiating the identity 

Requests regarding the exercise of these rights can be submitted by the Personal Data owners through the methods determined on the Tridi Website, www.tridi.co, owned by Tridi. Tridi aims to finalize such requests within 30 (thirty) days. Tridi reserves the right to charge a fee based on the fee tariff (if any) regarding such requests.

For your questions about our Personal Data Protection and Privacy Policy, you can contact us via the e-mail address of info@tridi.co, or you can call us by dialing +90 212 221 06 35.

Tridi Teknoloji Anonim Şirket

Welcome To Tridi

Contact An Expert