We, Veriteknik Telekom/Bilişim Ltd. Şti., declare that your data might be processed such that preserving the accuracy and currentness of your personal data as provided, concerning our relationship formed as we provide you services, in a way that is relevant, limited and proportionate to the purposes for which the processing of the data. Your data will be recorded, stored, preserved, reorganized, transferred to parties that are authorized to request your personal data and to third parties within the country and abroad in accordance with the terms stipulated under the Law, categorized and processed in other ways stipulated by the Law.
YOUR PERSONAL DATA MIGHT BE SUBJECTED TO PROCESSING
Your personal data that may be processed as stated in this notice are as follows:
Yukarıdaki metinde belirtilen şekillerde işlenebilecek veri tipleri şu şekildedir;
- Identity Information
Name, surname, copy of ID card (name, surname, Turkish ID no, serial no, father’s name, mother’s name, birth place, date of birth, marital status, registered province-city-district-village, volume no, family serial no, issuing place, reason for issue, registration no, date issued, maiden name) gender,
- Contact Details
E-mail, mobile phone no, work phone no, work address, postal address, postal code, Facebook, Linkedin or Twitter accounts
- Financial Information
Bank account information, credit card no, expiry date, payment amount, payment date, currency, receipt explanation, debt, account receivables, balance, contract value, services provided, VAT information, service term, process of collection, Invoice Information Screen (Name, surname, invoice records, invoice ID, tax office, tax no, tax ID no, address, country, province, city, postal code, e-mail, invoice currency, VAT exemption information), Invoice Information Screen (account current),(Title, address, serial no, invoice ID, invoice type, invoice date, customer tax office/no/natural person, accounting transfer status, invoice status, account making choice, invoice class, dispatch note date, invoice foreign currency type/exchange rate, Code, explanation, count, price, amount, period, term, revenue type, amount, total, VAT rate, VAT, general total, Account Information Screen (Account no, payment type, automated payment, first and last 4 digits of card no, payment value, account start date, revenue type, whether or not management service is received, whether or not a RioRey DDOS defense service is received, whether or not a Voxility DDOS defense service is received, whether or not there is a contract in place, Open account, warning threshold, due date, source of sale, seller, domain, password, hosting package, account payment information; date, value, result (paid/unpaid), automated payment information; date, result (successful/unsuccessful), service information; purchased properties, current properties, host name, server name), Customer Account Current Card (market code, sales representative, name & surname, authorized distributor, head company, technician, payment method, collection method, delivery, current currency, types of risks, risk threshold, open account, checks & bonds, local currency, valid currency, current currency, company foreign currency, accounting connection definitions, accounting calculations, letter of guarantee account code, letter of guarantee account name, recorded exportation account code, mal. Mer. code, planning, risk group, group definition, agreement group, in-group company information, account current group, planning group code, kon. account current, exempt from late interest date and interest difference, barcode, collection rate, advance account current code, latest debt clear date, latest account current movement date, e-invoice user status, automated update, scenario, sender unit/currency, PO box tag, contract no, intergroup, DBS inclusive, main channel, channel group, channel detail, discount exclusive (except from discounts applied to customer), old account current code, new account current code, customer type, sales group, sales region name, BABS group, usage in BA-BS report, comments
- Sensitive Data
Photo, blood type and religion information on the copy of ID card or on driver’s license, and in some cases fingerprint
- Employment/Education Information
Employer company, position, school, faculty information, title
- Audial / Visual Data
Photo of natural person, voice recordings, camera recordings
Approved stamp duty statement, circular of signature, all customer data on panel.sanallastirma.com (mother’s maiden name (as security question), SMS login verification (OTP), recorded references, father’s name, member type, discounts, e-bulletin, IP White list, services received, payment type, payment date, package, value), account type, account, subject, “type message” section, option to add files in support tickets on panel.sanallastirma.com, OS, IP address, connection port, user name, password, used panels/database Access information, encountered issue, steps leading to the issue, “additional information” section in panel.
PURPOSES AND METHODS OF COLLECTING YOUR PERSONAL DATA
As Veriteknik Ltd. Şti. we collect your personal data verbally, physically or electronically for the performance of our sales agreement, to fulfill our legal obligations as a company, for reasons required per law, and for the Company’s legitimate interests. We collect your visual and establishment – name – date data through CCTV and server room visit forms signed by your side for our legal obligation to ensure workplace security and the Company’s legitimate interest. For the Company’s legitimate interest and efficiency for technical support, we collect your voice recordings during phone-calls. Progresses during a technical problem and information relavent gathered from customer/organization relationship are also beeing reported. We also gather your personal data via legal documents and notices we formally received in order to fulfill our legal obligations.
PURPOSES OF PROCESSING YOUR PERSONAL DATA
We process your aforementioned and other personal data you provided for the purposes below:
To maintain our service provider-customer relation, especially;
- Starting sales process, meeting face to face, new sales, upsell and forming a contract with customers
- To provide services of set up and management of infrastructure, network, virtual and shared firewalls, web servers, set up and management of e-mail servers, set up and management of database servers, DNS and FTP server management, Windows and Linux operation systems management, web panel management, network management; firewall security devices management, switch and router management, back up services; file back up and restoration, image based management of server, monitoring, as requested.
- Customer support
- Sending e-mail to respond customer requests
- Informing customers regarding the operations to be conducted on their services and cabinets
- Manual and online money collection and holding records of money transfers.
- Relocation of the infrastructure in case of a natural disaster affecting Company headquarters
- Logging the hardware given to or taken from customers
- Management of receiving/sending processes of the hardware customers send.
- Providing monthly, daily and hourly management services
- Providing access permissions for natural person customers, and representatives and employees of legal entity customers to certain areas of the company and ensuring company security.
- Providing the customers with wireless internet they can use in the office quarters.
To ensure certain processes required by law, especially;
- Payment of stamp duty for sales agreement
- Sending final invoice to customers
- Fulfillment of customer return requests
- Preparation of invoice and note of expenses
- Organization of e-Archive invoices
To provide a better service for you, to improve ourselves, to carry out marketing and research activities;
- Being able to assess customer complaints and provide support to customer requests
- Achieving customer satisfaction
- Promotional use, providing communications material and improving brand recognition
- Enrolling customers to systems and creating customer account cards.
- Updating customer information
- Software development and updates/patches
- Logging money order payments
- Creating reports on various matters
- Managing customer visits, attending meetings with customers, informing customers on technical subjects
- Sharing communication information of representatives and customers (business card etc.)
For company management, continuation of work, application of company policies, especially;
- Ensuring workplace security
- Managing customer visits
To exercise our right of defense against legal demands, especially;
- Management of customer complaints
We process your personal data for the duration stipulated by relevant legislation or the maximum time required due to the purpose of processing and in any case for the duration of statutes of limitations.
TRANSFER OF TOUR PERSONAL DATA TO THIRD PARTIES IN THE COUNTRY
Your personal data are occasionally transferred to companies which are experts in their fields or to servers of the programs we use in order for us to perform certain activities:
- Your name, surname, invoice no, sum, payment date, and first and last 4 digits of your card are transferred to service provider banks for purposes of money collection, cancellation of invoice and money return.
- For the invoice operations through Finance Department related data are registered via the Wolvox, Orkestra and Zirve software.
- Customer name, surname, Turkish ID no, tax office, country, city, tax no and contract sum may be transferred to public accounting company in order to draft stamp duty statements and approve invoices.
- Only relevant personal data such as your name, surname and address are shared with courier company in order for the invoices to be delivered to customers.
- If the Company receives a police order/prosecutor writ, CCTV and voice recordings are transferred to relevant authorities to comply with legal duties.
Additionally, in order to exercise our right to defense we may duly provide your personal data to our attorneys and to relevant authorities to comply with a duly notified legal order such as court order, Customer Arbitration Committee order or evidence request.
TRANSFER OF YOUR PERSONAL DATA TO THIRD PARTIES RESIDING ABROAD
- In the case of receiving domain name service; name, company, address, phone, fax no and e-mail information requested by Whois (domain name search engine) may be transferred to countries abroad which may or may not have sufficient protection.
As per Article 11 of the Law, after you verify your identity, you will have the right to be informed about;
- whether or not the Company processes your personal data; and if so, to request information as to such processing
- the purpose of processing your personal data and whether they are used in accordance with the purpose
- whether or not your personal data have been transferred to third parties in the country or abroad; and if so, to request information as to whom your personal data is transferred to
Additionally, you have the right to request from the Company to correct your erroneous data and inform recipients of data to whom your personal data were transferred or may be transferred.
You may request from the Company to neutralize (delete, destroy or anonymize) your personal data within the scope of the conditions stipulated under Article 7 of the Law. You may also request from the Company to inform third parties to whom your personal data were transferred or may be transferred regarding your neutralization and/or correction request. However, we will be evaluating which neutralization method is the most appropriate, or whether applicable or not at the time of your request. You reserve the right to ask us which method is chosen and why we chose that method at any time.
You may object to your personal data analysis results, which were formed through a separate automated system, if such results are against your best interests.
You may request compensation for the damages that you may have suffered due to unlawful use of your data.
We will respond to your requests included in your application within thirty days and free of charge depending on the type of request. However, if the procedure requires an additional cost for the Company, we may request the fee designated in the Data Protection Board’s tariff under the Communiqué of Terms and Conditions for Application to Data Controller.
You must submit your application regarding processing of your personal data in writing or via KEP (Officially Registered E-mail Address) address, secure electronic signature, mobile signature or the e-mail address provided by you to the Company and stored in our records. The Company may require additional confirmation (via sending message to your registered phone, phone call etc.) depending on the nature and method of your application in order to determine whether the application is submitted by you and protect your rights. For example, if you submit an application via your e-mail registered in the company, we may contact you through another communication channel available to Company and ask to confirm that you are the applicant.