Corporate Privacy Notice Regarding Processing Of Personal Data

This privacy notice is intended to inform the Visitors, Online Visitors, Clients, Potential Clients, Supplier Employees, Supplier Officers of Metrik Bilgisayar Yazılım Danışmanlık Servis San. Tic. Ltd. Şti. regarding processing, retention and transfer of their personal data with respect to the activities to be conducted under the Personal Data Protection Law no. 6698 (the “PDPL”) and relevant regulations and legal requirements.

1. Categories of Personal Data to be Processed and Purposes of Processing

Metrik may process your personal data in order to fulfil the following purposes under the existing business relationships with its business partners (more than one category might apply to a single individual) with due regard for article 4.2 of the PDPL which provides for:

 

(i) Processing in line with the law and principles of integrity,

(ii) Ensuring accuracy and up-to-dateness of the personal data if necessary,

(iii) Processing for specific, explicit and legitimate reasons,

(iv) Ensuring any processing is moderate, connected and limited to the purpose of processing,

(v) Ensuring retention of personal data to the extent provided in the relevant regulation or required for the purpose of processing.

A. Visitors

Our visitors’ physical space security information (e.g. CCTV footage) shall be processed for:

a) promoting security of the applicable physical spaces.

B. Online Visitors

Regarding the use of our website, our online visitors’ process security information (e.g. IP address), marketing information (e.g. cookie settings) and (to the extent you disclose to us*) identification details, contact information (e.g. e-mail address) might be processed for:

  1. performing activities in line with the regulations,
  2. performing information security processes,
  3. monitoring requests/complaints,
  4. conducting communication activities,
  5. furnishing information to authorized individuals, institutions and organizations,
  6. enabling your access to our website on the internet.

C. Clients

With respect to our clients who are real persons or officers and/or employees of legal persons, their identification details, contact information, client transaction details (e.g. order details), physical space security information, financial data (e.g. balance sheet), information about legal processes, marketing information (e.g. shopping history) shall be processed for:       

  1. performing activities in line with the regulations,
  2. performing financial and accounting tasks,
  3. performing/auditing business activities,
  4. conducting logistics activities,
  5. performing after-sales support services,
  6. executing sales processes for goods/services,
  7. undertaking marketing analyses,
  8. executing contractual processes,
  9. furnishing information to authorized individuals, institutions and organizations,
  10. promoting security of the applicable physical spaces,
  11. resolving legal disputes,
  12. undertaking retention and archiving processes,
  13. undertaking risk management processes,
  14. conducting advertisement/campaign/promotion activities,
  15. steering processes for promoting loyalty to the company/products/services,
  16. conducting communication activities.

D. Potential Clients

With respect to our clients who are real persons or officers and/or employees of legal persons, their identification details, contact information, client transaction details, physical space security information, marketing information shall be processed for:

  1. executing sales processes for goods/services,
  2. executing contractual processes,
  3. promoting security of the applicable physical spaces,
  4. conducting advertisement/campaign/promotion activities,
  5. undertaking marketing analyses.

E. Supplier Employee

Supplier employee’s identification details, contact information, physical space security information, information about professional experience (e.g. on-the-job training) shall be processed for:

  1. conducting communication activities,
  2. performing/auditing business activities,
  3. promoting security of the applicable physical spaces,
  4. conducting supply chain management processes,
  5. conducting logistics activities,
  6. performing activities in line with the regulations,
  7. performing occupational health/safety activities.

F. Supplier Officer 

With respect to suppliers who are real persons or officers of legal entities, their identification details, contact information, physical space security information, client transaction details, financial data, marketing information, information about legal processes shall be processed for:

  1. performing/auditing business activities,
  2. executing sales processes for goods/services,
  3. performing financial and accounting tasks,
  4. executing contractual processes,
  5. administering investment processes,
  6. promoting security of the applicable physical spaces,
  7. litigations and legal proceedings.

2. Methods for Collecting Personal Data

The personal data indicated in the aforementioned categories shall be collected through physical means such as purchasing order forms, contracts and visitor forms or IT systems and electronic devices (e.g. telecommunication infrastructure, computer and phones), third parties (e.g. KKB and Findeks), our website and other automatic or non-automatic methods by means of other documentation presented by the data subject.

3. Legal Justification for Collecting Personal Data

Metrik may process your personal data in line with the legal requirements as provided in article 5 of the PDPL in order to fulfil the purposes provided above to the extent that:

 

(i) It is explicitly provided in the laws,

(ii) It is necessary to process the personal data of the parties to a contract provided that any such processing shall be directly related to the execution or performance of the contract,

(iii) It is essential for the data controller to fulfil its legal obligations,

(iv) Processing of personal data is required for creation, use or protection of any right,

(v) The relevant processing is required for legitimate interests of the data controller provided that the fundamental rights and freedoms of the data subject are not impaired.

 

If the processing is not based on one of the legal reasons indicated above, we shall receive your explicit consent to process your personal data.

 4. Transfer of Personal Data to Third Parties

a) Personal data of our visitors might be disclosed to law enforcement agencies and judicial authorities for settlement of legal disputes and upon request under the applicable laws.

b) Personal data of our online visitors might be disclosed to law enforcement agencies and judicial authorities for settlement of legal disputes and upon request under the applicable laws.

c) Personal data of our clients shall be disclosed to the competent public authorities and institutions for performance of activities in line with the legal regulations, conducting and following legal processes and informing authorized individuals, institutions and organizations as necessary and to our group companies, suppliers, cargo companies, insurers, banks and financial advisors to the extent required for performing/auditing business activities, conducting risk management processes and providing services as necessary. Also, the relevant personal data might be disclosed to the contracted law office and judicial authorities in order to constitute evidence in case of potential legal disputes in the future.

d) Personal data of our potential clients might be disclosed to the contracted law office and judicial authorities in order to constitute evidence in case of potential legal disputes in the future.

e) Personal data of supplier employees shall be disclosed to the competent public authorities and institutions for performance of activities in line with the legal regulations, conducting and following legal processes, informing authorized individuals, institutions and organizations as necessary and performing/auditing business activities and to our group companies, suppliers, cargo companies, insurers, banks and financial advisors to the extent required for providing services as necessary. Also, the relevant personal data might be disclosed to the contracted law office and judicial authorities in order to constitute evidence in case of potential legal disputes in the future.

f) Personal data of supplier officers shall be disclosed to the competent public authorities and institutions for performance of activities in line with the legal regulations, conducting and following legal processes, informing authorized individuals, institutions and organizations as necessary and performing/auditing business activities and to our group companies, suppliers, cargo companies, insurers, banks and financial advisors to the extent required for providing services as necessary. Also, the relevant personal data might be disclosed to the contracted law office and judicial authorities in order to constitute evidence in case of potential legal disputes in the future.

5. Use of Data Subject Rights

If you wish to exercise any of your rights under article 11 of the PDPL, please file an application to Metrik by using the “Application Form for Data Subjects” which is available on “www.metric.net” in order to facilitate application processes under the “Communiqué on Principles and Procedures Regarding Applications to Data Controllers”.

 

Data Controller:  Metrik Bilgisayar Yazılım Danışmanlık Servis San. Tic. Ltd. Şti.

Address: İçerenköy Mah. Çayır Cad. Sayar İş Merk. No:11 K:3 Ataşehir – İstanbul

E-mail: info@metric.net